Using pointers across several network clients - Unix

This is a discussion on Using pointers across several network clients - Unix ; Hello NG! The following situation: I have a server (over network) application which allocates different pointers to several data structures in it's own memory. Some network clients should now be able to access those structures (At least a handle to ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Using pointers across several network clients

  1. Using pointers across several network clients

    Hello NG!

    The following situation:
    I have a server (over network) application which allocates different
    pointers to several data structures in it's own memory.

    Some network clients should now be able to access those structures (At
    least a handle to tell the server which structure to use for the internal
    operations of the server).

    My question:
    Is it a clean design if i'm directly using the pointer of the server data
    structures and treat them like a "data-handle" for the client? Some self-
    written functions would operate on such "handles" and the server itself
    also check's if the pointer's, which came from the clients, are valid
    before using.

    I know that different machines have different sizes for pointer's (int on
    x86, ...) - but this doesn't matter, at least not for this project.

    It's a question of time. I'm working on an existing, time-critical,
    project and updates/bugfixes should be implemented as fast as possible.
    But i don't wan't to produce unreadable code or security leaks.

    Any hints for me?

    Thanks,
    Andy

  2. Re: Using pointers across several network clients

    On Dec 5, 3:19 pm, Andreas Wittmann wrote:
    > Hello NG!
    >
    > The following situation:
    > I have a server (over network) application which allocates different
    > pointers to several data structures in it's own memory.
    >
    > Some network clients should now be able to access those structures (At
    > least a handle to tell the server which structure to use for the internal
    > operations of the server).
    >
    > My question:
    > Is it a clean design if i'm directly using the pointer of the server data
    > structures and treat them like a "data-handle" for the client? Some self-
    > written functions would operate on such "handles" and the server itself
    > also check's if the pointer's, which came from the clients, are valid
    > before using.


    Even with your caveats, I don't like this design.

    If it is possible that the values of the valid pointers could ever
    change (say, a recompile moves a fixed array to somewhere else in the
    DATA segment, or new code malloc()s data which displaces the regular
    pointer from it's presumed location), then each client app must be
    informed of the change. You can either do this by having each client
    inquire the values of these pointers from the server app before use,
    or you manually change something (hardcoded constant, configuration
    file, environment variable) for each client.

    Better to separate the pointer from the public "handle", instead.
    Keeping such a separation decouples the client apps from internal
    changes to the server that would modify the pointer data. It also
    ensures that the client apps do not infer (or attempt to infer)
    internal information from the values of the pointers or their
    relationships (data structure A is here, B is here, the difference is
    X, thus, there are hidden data structures between them that we might
    be able to access by constructing a suitable pointer Q and passing it
    to the server).

    One implementation might be to keep a simple table in the server, with
    each entry in the table containing one unique pointer. Let the clients
    pass an index into the table instead of the pointer. Publish the
    indexes as "well known values" (index 1 is /this/ data structure,
    index 2 is /that/ data structure). When the server changes the
    positions of the data structures, only the table needs to be updated.

    HTH
    --
    Lew

  3. Re: Using pointers across several network clients

    On Dec 5, 12:19 pm, Andreas Wittmann wrote:
    > Hello NG!
    >
    > The following situation:
    > I have a server (over network) application which allocates different
    > pointers to several data structures in it's own memory.
    >
    > Some network clients should now be able to access those structures (At
    > least a handle to tell the server which structure to use for the internal
    > operations of the server).
    >
    > My question:
    > Is it a clean design if i'm directly using the pointer of the server data
    > structures and treat them like a "data-handle" for the client? Some self-
    > written functions would operate on such "handles" and the server itself
    > also check's if the pointer's, which came from the clients, are valid
    > before using.


    How can you know whether the pointers are valid? You can maybe check
    that they don't point outside the program's address space (though this
    is usually inconvenient and non-portable) but there's no way to know
    that they actually point to an object of the desired type. A
    malicious client might give you a pointer that points to something
    totally different, that you don't want to mess with.

    > I know that different machines have different sizes for pointer's (int on
    > x86, ...) - but this doesn't matter, at least not for this project.
    >
    > It's a question of time. I'm working on an existing, time-critical,
    > project and updates/bugfixes should be implemented as fast as possible.
    > But i don't wan't to produce unreadable code or security leaks.


    Don't do this. It strikes me as dangerous and extremely ugly.

    It should be quite simple to keep a table of your objects, with only
    an index or key into the table being passed back and forth. It could
    be a flat array, if there are a small number and you don't have to do
    a lot of adding and deleting, or it could be something like C++'s
    std::map. I bet it will take you less time to implement than it did
    to write your post and read the replies.

  4. Re: Using pointers across several network clients

    On Dec 5, 3:46 pm, fjbl...@yahoo.com wrote:

    > How can you know whether the pointers are valid? You can maybe check
    > that they don't point outside the program's address space (though this
    > is usually inconvenient and non-portable) but there's no way to know
    > that they actually point to an object of the desired type. A
    > malicious client might give you a pointer that points to something
    > totally different, that you don't want to mess with.


    No, that's not true. It's not uncommon to create a way to validate
    pointers. The simplest way is to keep a hash of all pointers to
    objects of a given type. If you are given a pointer to an object of
    that type, you make sure the pointer is in the hash before you
    dereference it.

    In most cases, the pointer could still be to a stale object of that
    type, so the next thing you do is make sure the pointer still points
    to the object the other end thinks it points to. So you wind up
    passing a pair of values -- a pointer and some kind of object name or
    identifier.

    In many real-world cases, the pointer is only validated when the code
    is being debugged and the validation code is removed later. However,
    there are some real-world applications that use "safe pointers" even
    in released code, often when the lifetime of the object can't easily
    be monitored or controlled by code that needs to refer to the object.

    However, in this case, I don't see what this buys you. Since you still
    have to both validate the pointer and make sure it still points to the
    same object the other side thinks it points to, it would be simpler
    just to hash whatever it is you use to make sure you found the right
    object from the beginning.

    It's hard to be sure without knowing more about the OP's design and
    what kinds of objects you are tracking down, how often they are
    removed/replaced, and how they are typically referred.

    > It should be quite simple to keep a table of your objects, with only
    > an index or key into the table being passed back and forth. It could
    > be a flat array, if there are a small number and you don't have to do
    > a lot of adding and deleting, or it could be something like C++'s
    > std::map. I bet it will take you less time to implement than it did
    > to write your post and read the replies.


    That could just as well be a table of pointers, couldn't it? The
    question is -- what do you gain by having it be pointers? Raw pointers
    are way too dangerous, especially if they might become stale.

    DS

+ Reply to Thread